Yet Another Reason To Buy Your PC From A Local System Builder

You get a better system for the price. You get service and a guarantee from someone you have actually met. Plus none of this junk. If your system is loaded with junk that came preinstalled on your computer, it’s time to bring it in and have it all cleaned out; you don’t need it. It slows down your system, and more and more of these programs are leaving giant security holes in it.

From Ars:

Diagnostic software preinstalled on many Dell computers is now being flagged as a potentially unwanted program by antivirus program Malwarebytes following the discovery of a vulnerability that allows attackers to remotely execute malicious code on older versions.

The application known as Dell System Detect failed to validate code before downloading and running it, according to a report published last month by researcher Tom Forbes. Because the program starts itself automatically, a malicious hacker could use it to infect vulnerable machines by luring users to a booby-trapped website. According to researchers with AV provider F-Secure, the malicious website need only have contained the string “dell” somewhere in its domain name to exploit the weakness. www.notreallydell.com was just one example of a site that would have worked.

Dell released an update in response to Forbes’s report, but even then, users remained vulnerable. That’s because the updated program still accepted downloads from malicious sites that had a subdomain with “dell” in it, for instance, a.dell.fakesite.ownedbythebadguys.com.

“What this basically means is that anyone with a vulnerable version of the tool (which maintains persistence on the system and therefore is always running) might be directed by an attacker to a specific website designed to exploit the flaw in the program and execute any commands the attacker wishes,” Malwarebytes researcher Adam Kujawa wrote in a blog post published Friday. “This could potentially lead to malware being installed without user awareness, stolen credentials, damaged system configuration and more.”
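
The two origin checks described in the excerpt above, modeled beside a stricter one, as an added example (not code from Dell, Ars or the researchers quoted). The function names, the `dell.com` allowlist and the sample URLs are assumptions made for illustration; the two look-alike hostnames are the ones quoted in the excerpt.

```python
from urllib.parse import urlsplit

# Assumption: the vendor's registrable domain; the page gives no allowlist.
TRUSTED_SUFFIXES = ("dell.com",)

def _host(origin):
    """Lower-cased hostname of an origin URL, or '' if it cannot be parsed."""
    try:
        return (urlsplit(origin).hostname or "").rstrip(".").lower()
    except ValueError:
        return ""

def substring_check(origin):
    """Model of the first flaw: 'dell' anywhere in the domain name."""
    return "dell" in _host(origin)

def label_check(origin):
    """Model of the post-update flaw: some dot-separated label is 'dell'."""
    return "dell" in _host(origin).split(".")

def strict_check(origin):
    """Hardened: https only, host equals a trusted domain or ends with '.' + it."""
    try:
        scheme = urlsplit(origin).scheme
    except ValueError:
        return False
    host = _host(origin)
    if scheme != "https" or not host:
        return False
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)

# Constructed sample origins for the comparison.
SAMPLES = [
    "https://www.dell.com/support",
    "http://www.notreallydell.com/",
    "http://a.dell.fakesite.ownedbythebadguys.com/",
    "https://dell.com.fakesite.example/",
]

def evaluate(samples=SAMPLES):
    """Map each URL to (substring_check, label_check, strict_check)."""
    return {u: (substring_check(u), label_check(u), strict_check(u)) for u in samples}

if __name__ == "__main__":
    for url, verdicts in evaluate().items():
        print(verdicts, url)
```

Matching on a dot boundary at the end of the parsed hostname is what separates `www.dell.com` from a host that merely contains or begins with the trusted name.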

 

